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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[3 Responsive to communication(s) filed on 26 October 2005 . 
2a)E3 This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-25 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) Q Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) E3 The drawing(s) filed on 24 August 2001 is/are: a)D accepted or b)E3 objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. §119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C, § 1 19(a)-(d) or (f). 
a)D All b)DSome * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies' not received. 
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DETAILED ACTION 

1. In view of the appeal brief filed on 10/26/2005, PROSECUTION IS HEREBY 
REOPENED. New ground of rejection is set forth below. 

To avoid abandonment of the application, appellant must exercise one of the following two 
options: 

(1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 
CFR 1.113 (if this Office action is final); or, 

(2) request reinstatement of the appeal. 

If reinstatement of the appeal is requested, such request must be accompanied by a 
supplemental appeal brief, but no new amendments, affidavits (37 CFR 1.130, 1.131 or 
1.132) or other evidence are permitted. See 37 CFR 1.193(b)(2). 

2. Claims 1, 10 and 17 were previously (04/1 1/2005) amended. Claims 1-25 are still 
pending. 

Priority 

3. This application has no priority claim made. The filing date is 08/24/2001. 

Drawings 

2. Formal drawings are required in response to the instant Office action. A mechanical 
drawing with text description in the drawings. A drawing with no text description is considered 
informal, i.e. text description is required. Fig. 1 has no text description. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art 
to which said subject matter pertains. Patentability shall not be negatived by the manner in 
which the invention was made. 

Claims 1-25 rejected under 35 U.S.C. 103(a) as being unpatentable over Shandony (US 
6675261 B2) 5 hereinafter referred as Shandony, and further in view of Mangat et al. (US 
6049799 A), hereinafter referred as Mangat. 

a. Shandony shows (claim 1) a method comprising: populating a directory with entries 
for each of a plurality of users of a multi-user computing environment, wherein each 
entry in the directory comprises a user ID and one or more group names, wherein 
each of the one or more group names corresponds to a group to which the user ID 
belongs, and wherein at least one of the entries in the directory comprises a first 
group name of the one or more group names (Fig. 1, 5, 7-12: Empl, Org A, Org B, 
Org C, Org D, Uid, Create Group, My Groups, entity, domain; column 7, line 64- 
column 8, line 12: Group Manager 44 allows entities to create, delete and manage 
groups of users who need identical access privileges to a specific resource or set of 
resources. Managing and controlling privileges for a group of related people); 
determining a first group access control list for the first group name, wherein the first 
group access control list comprises the user IDs of users whose directory entries 
comprise the first group name (column 7, lines 64-column 8, 29: access privileges for 
a group of users on resources); for each data source in the multi-user computing 
environment which permits access by the first group name, granting access to the 
respective data source to the users in the first group access control list (Fig. 7-12; 
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column 7, line 64-column 8, line 12: Group Manager 44 allows entities to create, 
delete and manage groups of users who need identical access privileges to a specific 
resource or set of resources. Managing and controlling privileges for a group of 
related people). Shandony does not show explicitly (claim 1) wherein the first group 
access control list is stored outside of the directory. 

b. Mangat shows (claim 1) wherein the first group access control list is stored outside of 
the directory (Fig. 4 and 5, column 2, lines 14-28: new type of directory services 
object that may be used to provide document management of documents accessed by 
users, groups of users; column 12, line 23-33: user object and group object are 
separate: column 15, line 10-43: user object; column 16, line 13-21: group object; 
user object and group object are quite different in their functions) in an analogous art 
for the purpose of document link management using directory services. 

c. It would have been obvious to a person of ordinary skill in the art at the time of the 
invention was made to modify Shandony's functions of request based caching of data 
store data with Mangat 5 s function of document link management. 

d. The modification would have been obvious because one of ordinary skill in the art 
would have been motivated to have group access functions different from user access 
functions per Mangat and Shandony's teaching. 

e. Regarding claim 2, Shandony shows wherein each entry in the directory comprises a 
user password; and wherein the method further comprises authenticating each user ID 
using the associated user password (column 9, lines 10-43). 
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f. Regarding claim 3, Shandony shows wherein each entry in the directory comprises 
zero, one, or a plurality of hostnames (Fig. 1 and 3); wherein the directory comprises 
a first hostname; and wherein the method further comprises: for each data source in 
the multi-user computing environment which permits access by the first hostname, 
granting access to the data source to the one or more users whose directory entries 
comprise the first hostname and who are seeking access from the host having the first 
hostname (Fig. 1, 5 and 69; column 6, lines 52-57: The Access System includes 
Access Server 34, Web Gate 28, and Directory Server 36. Access Server 34 provides 
authentication, authorization, auditing logging services. It further provides for identity 
profiles to be used across multiple domains and Web Servers from a single webbased 
authentication (sign-on); column 71, line 47-column 72, line 12: checking POST from 
Web Gate for access verification). 

g. Regarding claim 4, Shandony shows wherein the data source comprises a file or a 
directory in a file system coupled to the multi-user computing environment (Fig. 1 , 3 
and 8-15). 

h. Regarding claim 5, Shandony shows wherein the access comprises read access; and 
wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control list to read 
the data source (column 13, lines 25-27). 

i. Regarding claim 6, Shandony shows wherein the access comprises write access; and 
wherein the granting access to the data source to the users in the first group access 
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control list comprises permitting the users in the first group access control list to write 
to the data source (column 13, lines 27-33). 

j. Regarding claim 7, Shandony shows wherein the access comprises execute access; 
and wherein the granting access to the data source to the users in the first group 
access control list comprises permitting the users in the first group access control list 
to execute the data source (column 13, lines 40-53). 

k. Regarding claim 8, Shandony shows for each data source in the multi-user computing 
environment which permits access by the first group name and owner but denies 
access to others, denying access to the data source to users who are not in the first 
group access control list and who are not the owner of the data source (column 7, 
lines 54-column 8, line 11; column 71, line 47-column 72, line 12: checking POST 
from Web Gate for access verification). 

1. Regarding claim 9, Shandony shows wherein the multi-user computing environment 
comprises a UNIX based operating system (column 11, lines 5-6). 

m. Claim 10 is of the same scope as claimsl and 4. It is rejected for the same reasons as 
for claims 1 and 4. 

n. Claims 1 1-16 are of the same scope as claims 2-3, 5-7 and 9. These are rejected for 

the same reasons as for claims 2-3, 5-7 and 9. 
o. Claims 17-25 are of the same scope as claims 1-9. These are rejected for the same 
reasons as for claims 1-9. 
Together Shandony and Mangat disclosed all limitations of claims 1-25. Claims 1-25 are 
rejected under 35 U.S.C. 103(a). 
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Response to Arguments 

5. Applicant's arguments with respect to pending claims have been considered but are moot 
in view of the new ground(s) of rejection. 

6. Applicant's arguments filed on 03/15/2005 have been fully considered, but they are not 
persuasive. 

a. In response to statements on rejection of claims 1-2, 4-1 1, 13-18 and 20-25: The 
applicant has claimed "the determining a first group access control list ..." with the 
references to Fig. 5, 127, Fig. 6, 603, page 3, line 24-page 4, line 2, page 12, lines 23- 
28, and page 13, lines 22-29. The cited references narrate the intended functions and 
possible contents of access control list. The cited references do not provide detail 
description of how to determine. The claim is thus interpreted to have access control 
list based on the directory entries. As a person of ordinary skill in the art at the time 
of invention was made would perfectly know what an access control list is for and 
how it would consist of. Both Shandony and Mangat have cited these limitations. As 
the applicant points out (Fig. 5), the directory server (1 13) and access control list 
(127) are in the same computer system (100). The applicant has also pointed out 
(page 10, lines 5-7) a file system (111) contains files, directories and any other 
suitable form of information. Neither Shandony nor Mangat preclude the access 
control list, i.e. group member list or group object, to be in the member directory, 
particularly Shandony. Mangat does put group objects in a directory service server 
that also contains other objects including user objects. That is not to say the user 
directory contains group objects. 
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b. In response to statements on rejection of claims 3, 12 and 19: The action is updated 
with additional references. 
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Conclusion 

7. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE MONTHS 
from the mailing date of this action. In the event a first reply is filed within TWO MONTHS 
of the mailing date of this final action and the advisory action is not mailed until after the end 
of the THREE-MONTH shortened statutory period, then the shortened statutory period will 
expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 
1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

8. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. Refer to the enclosed PTO-892 for details. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peling A. Shaw whose telephone number is (571) 272-7968. The 
examiner can normally be reached on M-F 8:00 - 4:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on (571) 272-3923. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the statu9s of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
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applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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